Skills
skills/membranedev/application-skills/assemblyai/Gen Agent Trust Hub

assemblyai

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends installing the @membranehq/cli tool, which is a trusted resource from the skill vendor (membranedev) for managing API integrations.
  • [COMMAND_EXECUTION]: Employs the membrane CLI for authentication and executing API actions, which are the intended and safe methods for this skill's functionality.
  • [PROMPT_INJECTION]: The skill processes transcription data from external audio files, representing an indirect prompt injection surface.
  • Ingestion points: create-transcript, get-transcript and search-words actions in SKILL.md.
  • Boundary markers: None explicitly mentioned in the skill text.
  • Capability inventory: Subprocess calls are limited to the membrane CLI which manages network and credential operations as described in SKILL.md.
  • Sanitization: Not described in the skill; however, the skill serves as a data retrieval tool and does not interpolate output into unsafe sinks.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 4, 2026, 08:56 AM